Lucene search
+L

12744 matches found

EUVD
EUVD
added 2026/06/08 3:22 p.m.14 views

EUVD-2026-35099

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.3CVSS5.4AI score0.00598EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/08 3:22 p.m.10 views

CVE-2026-44185

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.3CVSS5.4AI score0.00598EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.23 views

PT-2026-47323

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A buffer over-read occurs during outbound OCSP Online Certificate Status Protocol requests sent to an attacker-controlled OCSP server. A buffer over-read is a condition where a syste...

7.5CVSS5.6AI score0.00937EPSS
Exploits0References154
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.143 views

Apache 2.4.x < 2.4.68 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.68. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.68 advisory. - CVE-2026-49975, also known as HTTP/2 Bomb, is a remote denial-of-service exploit against most major web servers, including:...

9.8CVSS5.4AI score0.11471EPSS
Exploits8References13
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.22 views

EulerOS Virtualization 2.13.1 : libpng (EulerOS-SA-2026-2135)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

8.3CVSS5.8AI score0.00955EPSS
Exploits9References7
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.15 views

RHEL 10 : php8.4 (RHSA-2026:22649)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22649 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also...

9.1CVSS5.8AI score0.0078EPSS
Exploits1References14
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.13 views

CVE-2026-5772

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

5.3CVSS5.6AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 10:5 p.m.37 views

CVE-2025-59609 Buffer Over-read in WLAN Host Communication

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

5.5CVSS0.00091EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/01 2:43 a.m.15 views

httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the ajpparsedata function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.14 views

RHEL 10 : ovn25.09 (RHSA-2026:22111)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22111 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.9AI score0.00868EPSS
Exploits0References13
CloudLinux
CloudLinux
added 2026/05/28 2:32 p.m.17 views

postfix: Fix of CVE-2026-43964

makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...

7.5CVSS6AI score0.00415EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/27 9:42 p.m.19 views

httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the ajpparsedata function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 9:24 a.m.45 views

CVE-2026-45843 slip: bound decode() reads against the compressed packet length

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

8.2CVSS0.00278EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this...

7.1CVSS6.1AI score0.00126EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2026/05/27 12:0 a.m.32 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due to missing null-termination...

9.8CVSS6.3AI score0.01376EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2026/05/26 3:29 a.m.23 views

gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

7.1CVSS7.2AI score0.00634EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2026/05/22 6:16 p.m.24 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6.2CVSS6AI score0.00132EPSS
Exploits0References3
OSV
OSV
added 2026/05/22 1:17 p.m.18 views

OESA-2026-2387 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS5.9AI score0.01849EPSS
Exploits4References16
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.15 views

SUSE CVE-2026-44067

A heap over-read in extended attribute EA header parsing in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to obtain limited information or cause a minor service disruption via crafted EA data...

4.2CVSS5.8AI score0.00292EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-45624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a...

5.1CVSS5.4AI score0.0012EPSS
Exploits0References3
Rows per page
Query Builder